DETECTION OF UNAUTHORIZED WIRELESS PERSONAL AREA NETWORK LOW ENERGY DEVICES
First Claim
1. A method for determining an unauthorized device, the method comprising:
- receiving, by one of more computer processors, detection information from a computing device, wherein the detection information includes;
a broadcast transmission from one or more devices with an associated universally unique identifier, major ID, minor ID, and received signal strength within an indoor positioning system;
creating, by one or more computer processors, a state trajectory map based on the received detection information, wherein the state trajectory map identifies connections between at least the computing device and a first device of the one or more devices and the computing device and a second device of the one or more devices;
determining, by one or more computer processors, one or more anomalies within the created state trajectory map;
determining, by one or more computer processors, an unauthorized device based on the determined one or more anomalies;
analyzing, by one or more computer processors, a suspicious state list for one or more of the following;
high frequency of occurrence of a universally unique identifier, and multiple connections with multiple state changes associated with a universally unique identifier;
determining, by one or more computer processor, the unauthorized device based on the analyzed suspicious state list; and
reporting, by one or more computer processors, the determined unauthorized device
1 Assignment
0 Petitions
Accused Products
Abstract
In an approach for determining an unauthorized device, a computer receives detection information from a computing device, wherein the detection information includes a broadcast transmission from one or more devices. The computer creates a state trajectory map based on the received detection information, wherein the state trajectory map identifies connections between at least the computing device and a first device of the one or more devices and the computing device and a second device of the one or more devices. The computer one or more anomalies within the created state trajectory map. The computer determines an unauthorized device based on the determined one or more anomalies.
19 Citations
20 Claims
-
1. A method for determining an unauthorized device, the method comprising:
-
receiving, by one of more computer processors, detection information from a computing device, wherein the detection information includes;
a broadcast transmission from one or more devices with an associated universally unique identifier, major ID, minor ID, and received signal strength within an indoor positioning system;creating, by one or more computer processors, a state trajectory map based on the received detection information, wherein the state trajectory map identifies connections between at least the computing device and a first device of the one or more devices and the computing device and a second device of the one or more devices; determining, by one or more computer processors, one or more anomalies within the created state trajectory map; determining, by one or more computer processors, an unauthorized device based on the determined one or more anomalies; analyzing, by one or more computer processors, a suspicious state list for one or more of the following;
high frequency of occurrence of a universally unique identifier, and multiple connections with multiple state changes associated with a universally unique identifier;determining, by one or more computer processor, the unauthorized device based on the analyzed suspicious state list; and reporting, by one or more computer processors, the determined unauthorized device - View Dependent Claims (2, 3, 5, 6, 7)
-
-
4. (canceled)
-
8. A computer program product for determining an unauthorized device, the computer program product comprising:
-
one or more computer readable storage media and program instructions stored on the one or more computer readable storage media, the program instructions comprising; program instructions to receive detection information from a computing device, wherein the detection information includes;
a broadcast transmission from one or more devices with an associated universally unique identifier, major ID, minor ID, and received signal strength within an indoor positioning system;program instructions to create a state trajectory map based on the received detection information, wherein the state trajectory map identifies connections between at least the computing device and a first device of the one or more devices and the computing device and a second device of the one or more devices; program instructions to determine one or more anomalies within the created state trajectory map; program instructions to determine an unauthorized device based on the determined one or more anomalies; program instructions to analyze a suspicious state list for one or more of the following;
high frequency of occurrence of a universally unique identifier, and multiple connections with multiple state changes associated with a universally unique identifier;program instructions to determine the unauthorized device based on the analyzed suspicious state list; and program instructions to report the determined unauthorized device. - View Dependent Claims (9, 10, 12, 13, 14)
-
-
11. (canceled)
-
15. A computer system for determining an unauthorized device, the computer system comprising:
-
one or more computer processors, one or more computer readable storage media, and program instructions stored on the computer readable storage media for execution by at least one of the one or more processors, the program instructions comprising; program instructions to receive detection information from a computing device, wherein the detection information includes;
a broadcast transmission from one or more devices with an associated universally unique identifier, major ID, minor ID, and received signal strength within an indoor positioning system;program instructions to create a state trajectory map based on the received detection information, wherein the state trajectory map identifies connections between at least the computing device and a first device of the one or more devices and the computing device and a second device of the one or more devices; program instructions to determine one or more anomalies within the created state trajectory map; program instructions to determine an unauthorized device based on the determined one or more anomalies; program instructions to analyze a suspicious state list for one or more of the following;
high frequency of occurrence of a universally unique identifier, and multiple connections with multiple state changes associated with a universally unique identifier;program instructions to determine the unauthorized device based on the analyzed suspicious state list; and program instructions to report the determined unauthorized device. - View Dependent Claims (16, 17, 19, 20)
-
-
18. (canceled)
Specification